https://bugs.llvm.org/show_bug.cgi?id=51739
Bug ID: 51739
Summary: Other APIs can be used after
FuzzedDataProvider::ConsumeRemainingBytes
Product: compiler-rt
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: compiler-rt
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
We had a recent bug in a fuzzer where ConsumeBool was called after
ConsumeRemainingBytes, discovered by [email protected] by viewing fuzzer
coverage information. Would it make sense for ConsumeRemainingBytes to put the
fuzzed data provider in an invalid state such that additional calls to read
data from the fuzzer result in an abort? Any path where Consume* follows
ConsumeRemainingBytes means that certain coverage is impossible.
--
You are receiving this mail because:
You are on the CC list for the bug._______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
